WIXLIB

Payment Express Hosted – PX Pay 2.0Integration GuideVersion 2.7

COPYRIGHT Copyright 2019, Payment Express98 Anzac AvenuePO Box 8400Auckland, 1150New Zealandwww.paymentexpress.comAll rights are reserved. No part of this work may be reproduced or copied in any form or by any means, electronic ormechanical, including photocopying, without the express written permission of Payment Express.PROPRIETARY NOTICEThe information described in this document is proprietary and confidential to Payment Express. Any unauthorised use ofthis material is expressly prohibited except as authorised by Payment Express in writing.

CONTENTSCopyright . 2Proprietary Notice . 2OVERVIEW . 5Key features . 5How It Works . 6BASIC COMMUNICATION . 7INTEGRATION METHODS . 8Mobile Device . 8Redirect . 8iFrame – Embedded Hosted Payment Page . 9PREPARATION . 10PX Pay 2.0 development account . 10PX Pay 2.0 sample code . 10TRANSACTION REQUEST . 11GenerateRequest XML Document . 11Request XML Document . 12TRANSACTION RESPONSE . 13ProcessResponse XML Document . 13Response XML Document . 14ELEMENT DESCRIPTIONS . 15COMMON SCENARIOS . 20Purchase Transaction Example . 20Auth Transaction Example. 22Finalizing Auth Transactions . 24Option 1: PX Pay 2.0 Payline . 25Option 2: PX Pay 2.0 Batch Upload . 26Option 3: PX Pay 2.0 Batch Processor . 26Option 4-5: PX Pay 2.0 PX Post/Webservice . 27TOKEN BILLING . 28Setup Phase . 28Token Creation Example . 29Rebill Phase . 32Option 1: PX Pay 2.0. 33Option 2: PX Pay 2.0 Batch Upload . 36Option 3: PX Pay 2.0 Batch Processor . 37Option 4-5: PX Pay 2.0 PX Post or Webservice . 37UPOP (UnionPay Online Payments) . 38HPP CUSTOMISATION . 44HPP Customisation via Payline . 45HPP Page 1 Sample - Customisable Fields (Payment Details & Payment Page) . 46HPP Page 1 Sample - Customisable Fields (Page Style) . 46HPP Page 2 Sample - Customisable Fields (Result Page) . 48

Merchant submitted CSS . 49FAIL-PROOF RESULT NOTIFICATION (FPRN) . 503D SECURE. 51TROUBLESHOOTING & FAQS . 52REQUEST RESPONSE CODES . 53GO LIVE . 54PxPay 2.0 Integration Guide - Version 2.7Page 4

OVERVIEWThe PX Pay 2.0 interface is a platform independent Hosted Payments Page (HPP) solution provided by Payment Express.The HPP provides a solution for the capturing credit card information securely without exposing the merchant to thesensitive data.This is achieved by allowing the card holder to enter their card details into a page which is hosted by Payment Expressrather than the merchants own website. The major advantage of this approach is that the merchant does not see, and isnot aware of, the card number at any point in the process. This is beneficial from a PCI DSS standpoint because the scopeof PCI DSS requirements is likely to be reduced.PCI DSS (Payment Card Industry Data Security Standard) is a set of comprehensive requirements created by card issuersAmerican Express, Discover Financial Services, JCB International, MasterCard and Visa to ensure the security of creditcard data online. All merchants, whether small or large, need to be PCI compliant. Payment Express is registered as aPCI DSS compliant service provider; therefore a payment page solution hosted by Payment Express meets all PCI DSSrequirements.KEY FEATURESA demonstration of PX Pay 2.0 can be found online at Pay 2.0 Integration Guide - Version 2.7Page 5

HOW IT WORKS1.To process a transaction, PX Pay 2.0 allows merchants to send XML requests to Payment Express via HTTPS poststo . PxPay Username & PxPay Key is required too.For testing PxPay 2.0 on our UAT environment - please send XML requests px.2.Payment Express responds with a unique URI (encrypted URL) for an SSL secure payments page.3.The merchant shopping cart uses the returned URI to redirect the customer to the secure Payment Express hostedpayments page.4.The customer will be prompted to enter their credit card details and complete the transaction. The transaction is thensent to the merchant bank for authorisation. The result is displayed and the user is automatically redirected back tothe merchant's website (success or fail uccess.aspx?result 0000840000185376f1519ff80a5ccd54&userid SampleUserId5.You take the "result" parameter value in the URL string i.e. 0000840000185376f1519ff80a5ccd54 along with the PXPay username and PX Pay key; to send the response request (ProcessResponse) to Payment Express and receivethe XML response back.6.The transaction results and other transaction details are decrypted and sent back to the merchant as a standard XMLresponse. NOTE: In case a blank XML response is returned, please retry the ProcessResponse twice with an intervalof 2 seconds.PxPay 2.0 Integration Guide - Version 2.7Page 6

BASIC COMMUNICATIONCharacter data sent via PX Pay 2.0 must be well formed XML.The XML document must contain the required opening and closing tags that contains the whole document i.e. the rootelement.Example: When generating the input XML document to begin a transactionrequest, the following GenerateRequest opening and closing tags must bepresent. GenerateRequest /GenerateRequest All tags must be nested properly. There must be an opening and a closing tag for all elements and the tags cannotoverlap.Example: Closing tags not complete. /AmountInput - has no closing angle bracket, therefore the tag is not complete. /AmountInput) - has a wrong closing bracket, therefore the tag is not complete.The XML tags are case sensitive and unique. If a tag is submitted which is not recognized by Payment Express and isnot a required element, it will be ignored and will not be returned in the response. If the tag is for a required element, anerror may occur and a response code will be returned.Example: If the AmountInput tag was sent with a lowercase “i” instead ofan uppercase “I” and error will occur the response code “IU – InvalidAmount” will be returned. Amountinput 1.00 /Amountinput - Incorrect AmountInput 1.00 /AmountInput - CorrectIf there is a possibility that a value will contain invalid characters (such as '&' and ‘ ’ in the cardholder name), pleaseformat the value using "HtmlEncoding", otherwise Payment Express will be unable to read the XML and will return anerror (i.e. “Not acceptable input XML”).Example, the following is invalid XML: GenerateRequest TxnData1 Bill & Son /TxnData1 MerchantReference Abc 123 /MerchantReference /GenerateRequest The following is how it should be formatted. GenerateRequest TxnData1 Bill & Son /TxnData1 MerchantReference Abc >> 123 /MerchantReference /GenerateRequest PxPay 2.0 Integration Guide - Version 2.7Page 7

INTEGRATION METHODSGenerally merchants implement a Payment Express hosted payment page solution in one of two ways; either redirectingthe user and their entire browser to the payment page or by presenting the payment page within an inline frame embeddedin a page on their website.MOBILE DEVICEThe PxPay 2.0 interface can also be integrated on a native mobile application as a payment method. The mobileapplication may utilise a webpage component to view the hosted payment page over HTTPs. The mobile platform beingintegrated with PxPay 2.0 should support HTTPS posts and XML data exchange.The PxPay 2.0 payment automatically switches to a mobile format for mobile devices by default. If the PxPay 2.0payment page is not responsive to the mobile device's screen as expected, please ensure the user agent string that thedevice's web browser is reporting is mobile specific within the first 255 characters of the string.If the hosted payment page is still not responsive on the mobile device screen, please note the following: Please email devsupport@paymentexpress.com and quote the exact user agent string of the relevant mobiledevice(s) used to send the transaction request.Also if a mobile web browser is used to redirect to the hosted payment page, please specify the exact mobileweb browser and the version.REDIRECTThe redirect integration method involves directing the user away from the merchant website to a Payment Express-hostedpage for the purposes of collecting credit card details. Once credit card details have been collected and a transactionprocessed the user is directed back to the merchant website. The image below demonstrates a payment page accessedusing the redirection method.Example Merchant WebsitePxPay 2.0 Integration Guide - Version 2.7Page 8Payment Express Hosted Payments Page(HPP)

IFRAME – EMBEDDED HOSTED PAYMENT PAGEThe iframe integration method involves presenting the Payment Express hosted payment page within the merchant websiteinside a frame. The iframe content can either be presented as the page loads or asynchronously (outside the normal pagerequest flow) based upon user interaction. Note that this method of integration may increase the scope of applicable PCIDSS requirements. Please speak to your acquirer to confirm their position on this particular implementation of the PaymentExpress hosted payment page. The images below demonstrate the iframe method of integration.Payment Express Hosted Payments Page(HPP) embedded in an iframe (ThickBox Example)Payment Express Hosted Payment Page(HPP) embedded in an iframePxPay 2.0 Integration Guide - Version 2.7Page 9

PREPARATIONTo begin integration testing you will need the following:Payment Express PX Pay 2.0 development accounts – Contact our Ecommerce sales team to request a Dev account(Please refer to: http://www.paymentexpress.com/Contact Us), or apply online athttps://sec.paymentexpress.com/pxmi/apply.PX Pay 2.0 interface technical specification www.paymentexpress.com/Technical Resources/Ecommerce Hosted/PxPay 2 0PX Pay 2.0 sample code - www.paymentexpress.com/Technical Resources/Ecommerce Hosted/PxPay 2 0PX PAY 2.0 DEVELOPMENT ACCOUNTA PX Pay 2.0 development account is usually setup within 1-3 business days. Each test account will be assigned to thePayment Express test environment which simulates a connection to the merchant bank. To access the PX Pay 2.0account, a UserId and Key will be provided.Example:PxPayUserId: Sample2 DevPxPayKey: cdef1234567890All PX Pay 2.0 accounts also come with a Payline account. Developers can use Payline to track down their testtransactions, process transactions manually, and generate transaction reports. To access the Payline account, use thePXPayUserId along with a unique alphanumeric password setup just for Payline.Payline login URL: :Payline Username: Sample2 Dev (Same as PxPay2UserId)Payline Password: abcd1234PX PAY 2.0 SAMPLE CODESample code can be provided in the following languages:PHP cURLPHP OpenSSLASP.Net 3.5 (C#)ASP.Net 3.5 (VB)JavaColdFusionYou will need to ensure the client library sending HTTP request is using TLSv1.2 for connectivity at all times.All the sample codes can be downloaded from the y2 SampleCode.zipPxPay 2.0 Integration Guide - Version 2.7Page 10